[Referências do Episódio]

- PixBankBot: New ATS-Based Malware Poses Threat to the Brazilian Banking Sector - https://blog.cyble.com/2023/05/30/pixbankbot-new-ats-based-malware-poses-threat-to-the-brazilian-banking-sector/

- New macOS vulnerability, Migraine, could bypass System Integrity Protection - https://www.microsoft.com/en-us/security/blog/2023/05/30/new-macos-vulnerability-migraine-could-bypass-system-integrity-protection/

- Barracuda Email Security Gateway Appliance (ESG) Vulnerability - https://www.barracuda.com/company/legal/esg-vulnerability 

- Fog of war: how the Ukraine conflict transformed the cyber threat landscape - https://blog.google/threat-analysis-group/fog-of-war-how-the-ukraine-conflict-transformed-the-cyber-threat-landscape/

- Void Rabisu’s Use of RomCom Backdoor Shows a Growing Shift in Threat Actors’ Goals - https://www.trendmicro.com/en_us/research/23/e/void-rabisu-s-use-of-romcom-backdoor-shows-a-growing-shift-in-th.html

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- GobRAT malware written in Go language targeting Linux routers - https://blogs.jpcert.or.jp/en/2023/05/gobrat.html

- DogeRAT: The Android Malware Campaign Targeting Users Across Multiple Industries - https://cloudsek.com/blog/dogerat-the-android-malware-campaign-targeting-users-across-multiple-industries

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- New Info Stealer Bandit Stealer Targets Browsers, Wallets - https://www.trendmicro.com/en_us/research/23/e/new-info-stealer-bandit-stealer-targets-browsers-wallets.html

- CISA adds recently patched Barracuda zero-day to its Known Exploited Vulnerabilities catalog - https://securityaffairs.com/146729/security/cisa-barracuda-0day-catalog.html

- Barracuda identified a vulnerability (CVE-2023-2868) in our Email Security Gateway appliance (ESG) on May 19, 2023. - https://status.barracuda.com/incidents/34kx82j5n4q9

- Mercenary mayhem: A technical analysis of Intellexa's PREDATOR spyware - https://blog.talosintelligence.com/mercenary-intellexa-predator/

- The Dark Frost Enigma: An Unexpectedly Prevalent Botnet Author Profile - https://www.akamai.com/blog/security-research/dark-frost-botnet-unexpected-author-profile 

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- Operation Magalenha | Long-Running Campaign Pursues Portuguese Credentials and PII - https://www.sentinelone.com/labs/operation-magalenha-long-running-campaign-pursues-portuguese-credentials-and-pii/

- Volt Typhoon targets US critical infrastructure with living-off-the-land techniques - https://www.microsoft.com/en-us/security/blog/2023/05/24/volt-typhoon-targets-us-critical-infrastructure-with-living-off-the-land-techniques/

- COSMICENERGY: New OT Malware Possibly Related To Russian Emergency Response Exercises - https://www.mandiant.com/resources/blog/cosmicenergy-ot-malware-russian-response

- Buhti: New Ransomware Operation Relies on Repurposed Payloads - https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/buhti-ransomware

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- Legion Update to attach SSH Servers - https://www.cadosecurity.com/updates-to-legion-a-cloud-credential-harvester-and-smtp-hijacker/

- Technical Analysis of Pikabot - https://www.zscaler.com/blogs/security-research/technical-analysis-pikabot

- Agrius Deploys Moneybird in attacks against israeli organizations - https://research.checkpoint.com/2023/agrius-deploys-moneybird-in-targeted-attacks-against-israeli-organizations/

- Attacks against Ukranian organization - https://thehackernews.com/2023/05/cyber-attacks-strike-ukraines-state.html e https://cert.gov.ua/article/4697016

[Ficha técnica]

Apresentação: Daniel Venzi

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- Meet the GoldenJackal APT group. Don’t expect any howls - https://securelist.com/goldenjackal-apt-group/109677/

- Android app breaking bad: From legitimate screen recording to file exfiltration within a year - https://www.welivesecurity.com/2023/05/23/android-app-breaking-bad-legitimate-screen-recording-file-exfiltration/

- Lazarus Group Targeting Windows IIS Web Servers - https://asec.ahnlab.com/en/53132/ 

- StrelaStealer Being Distributed To Spanish Users - https://asec.ahnlab.com/en/53158/ 

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- BlackCat Ransomware Deploys New Signed Kernel Driver - https://www.trendmicro.com/en_us/research/23/e/blackcat-ransomware-deploys-new-signed-kernel-driver.html

- CLOUD-BASED MALWARE DELIVERY: THE EVOLUTION OF GULOADER - https://research.checkpoint.com/2023/cloud-based-malware-delivery-the-evolution-of-guloader/

- CISA Adds Three Known Exploited Vulnerabilities to Catalog - https://www.cisa.gov/news-events/alerts/2023/05/22/cisa-adds-three-known-exploited-vulnerabilities-catalog

- CVE-2023-32154 - https://blog.mikrotik.com/security/cve-2023-32154.html

- Unmasking GUI-Vil: Financially Motivated Cloud Threat Actor - https://permiso.io/blog/s/unmasking-guivil-new-cloud-threat-actor/

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- PyPI new user and new project registrations temporarily suspended: Incident Report for Python Infrastructure - https://status.python.org/incidents/qy2t9mjjcc7g

- Phishing attacks already using the .zip TLD - https://news.netcraft.com/archives/2023/05/17/phishing-attacks-already-using-the-zip-tld.html

- KeePass 2.X Master Password Dumper (CVE-2023-32784) - https://github.com/vdohney/keepass-password-dumper

- Security - Dumping Master Password from Memory, Even When Locked - https://sourceforge.net/p/keepass/discussion/329220/thread/f3438e6283/#8a4a

- Notorious Cyber Gang FIN7 Returns With Cl0p Ransomware in New Wave of Attacks - https://thehackernews.com/2023/05/notorious-cyber-gang-fin7-returns-cl0p.html

- Rust-Based Info Stealers Abuse GitHub Codespaces - https://www.trendmicro.com/en_us/research/23/e/rust-based-info-stealers-abuse-github-codespaces.html

- Abusing a GitHub Codespaces Feature For Malware Delivery - https://www.trendmicro.com/en_us/research/23/a/abusing-github-codespaces-for-malware-delivery.html\

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- About the security content of iOS 16.5 and iPadOS 16.5 - https://support.apple.com/en-us/HT213757

- Lemon Group’s Cybercriminal Businesses Built on Preinfected Devices - https://www.trendmicro.com/en_us/research/23/e/lemon-group-cybercriminal-businesses-built-on-preinfected-devices.html

- PSA: Attackers Actively Exploiting Critical Vulnerability in Essential Addons for Elementor - https://www.wordfence.com/blog/2023/05/psa-attackers-actively-exploiting-critical-vulnerability-in-essential-addons-for-elementor/

- CISA Releases Five Industrial Control Systems Advisories - https://www.cisa.gov/news-events/alerts/2023/05/18/cisa-releases-five-industrial-control-systems-advisories 

- Papo Binário Gravação EP #100 - https://www.youtube.com/watch?v=HK-sHky1PEs

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- YouTube do Mente Binária - https://www.youtube.com/@mentebinaria/streams

- Playing for the Wrong Team: Dangerous Functionalities in Microsoft Teams Enable Phishing and Malware Delivery by Attackers - https://www.proofpoint.com/us/blog/threat-insight/dangerous-functionalities-in-microsoft-teams-enable-phishing

- Cisco Small Business Series Switches Buffer Overflow Vulnerabilities - https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sg-web-multi-S9g4Nkgv 

- Minas – on the way to complexity - https://securelist.com/minas-miner-on-the-way-to-complexity/109692

- #StopRansomware: BianLian Ransomware Group - https://www.cyber.gov.au/about-us/advisories/stopransomware-bianlian-ransomware-group 

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto